From: Bruno Thomsen
Date: Tue, 7 Jul 2020 12:56:39 +0200
Subject: Re: [ptxdist] [PATCH] bugfix: kernel: install modules with 755 permission
To: ptxdist@pengutronix.de

On Tue, 7 Jul 2020 at 12:06, Michael Olbrich wrote:
> > > Hmmm, you're running ptxdist with a 0002 umask, right?[1]
> >
> > Yes, I am running ptxdist with 0002 umask as a user.
> >
> > On Fedora users run with 0002 umask and root runs with 0022 umask,
> > but ptxdist does not support building as root, e.g. rootless
> > containers (podman).
> >
> > $ podman run --rm -it fedora:32
> > [root@7940c80a5df2 /]# whoami
> > root
> > [root@7940c80a5df2 /]# umask
> > 0022
> >
> > So requiring that umask seems a little counterintuitive to me.
>
> The problem is, that a lot of packages don't explicitly set the permissions
> when creating files or directories during 'make install'.
> Especially directories are often created with a simple 'mkdir'.
> As a result, the permissions depend on your current umask.
>
> And then install_tree just takes that permission. At that point
> PTXdist cannot know, if the permission was explicitly set like this or not,
> so we cannot do a fixup.
>
> We could change the umask during the ptxdist run, but I'm reluctant to do
> this because the umask is a security feature and just changing it feels
> wrong to me.
> Hmm, maybe we could just make it stricter:
>
>     mask="$(umask)"
>     if [ "$(( (mask | 0022) & 0755))" -eq 0 ]; then
>         umask 0022
>     else
>         # fail here?
>     fi
>
> or something like that?

Given the use-case I think your suggestion makes sense;
Make umask stricter when ptxdist is started with something like
0000 or 0002. Keep umask 0022, and fail in case it's started with
another umask.

This will make it consistent with how ptxdist handles being started
with UID = 0.

Fail trace suggestion:
ptxdist: error: refusing to run PTXdist with umask ${mask}.

/Bruno
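The behaviour agreed on in this message, written out as an added example that is not part of the original mail and is not PTXdist code: a umask more permissive than 0022 is tightened to 0022, and any other umask is refused with the error text proposed above. The function names `normalize_umask` and `dir_mode_under`, the invalid-input message and the sample umask values are assumptions of this example.

```shell
#!/bin/sh
# Added example, not PTXdist code; function names are hypothetical.

# Print the umask to run with (always 0022) and return 0 when the starting
# umask is 0022 or more permissive (0000, 0002, 0020). Otherwise return 1
# with the error text proposed in the thread.
normalize_umask() {
    mask="$1"
    case "$mask" in
        ''|*[!0-7]*)
            # This message is an addition of the example, not from the thread.
            echo "ptxdist: error: invalid umask '${mask}'." >&2
            return 1 ;;
    esac
    # 0755 holds every permission bit a 0022 umask leaves enabled. A mask
    # that clears any of them (0027, 0077, ...) would make a plain 'mkdir'
    # during 'make install' produce modes tighter than 0755, so refuse it.
    # Same result as the thread's (mask | 0022) & 0755, since 0022 & 0755 is 0.
    if [ "$(( 0$mask & 0755 ))" -eq 0 ]; then
        echo 0022
    else
        echo "ptxdist: error: refusing to run PTXdist with umask ${mask}." >&2
        return 1
    fi
}

# Show the mode string a plain 'mkdir' produces under a given umask.
dir_mode_under() {
    (
        tmp=$(mktemp -d) || exit 1
        umask "$1"
        mkdir "$tmp/d"
        ls -ld "$tmp/d" | cut -c1-10
        rm -rf "$tmp"
    )
}

# Constructed sample inputs: typical user, root and hardened umasks.
for m in 0002 0022 0077; do
    if new=$(normalize_umask "$m" 2>/dev/null); then
        echo "umask $m: run with $new, mkdir gives $(dir_mode_under "$new")"
    else
        echo "umask $m: refuse to run"
    fi
done
```

`dir_mode_under 0002` returns `drwxrwxr-x`, the group-writable directory mode that install_tree would otherwise pick up unchanged.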